JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.130

104.207.48.130 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 39%: ?

39%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.130

Whois 104.207.48.130

IP Abuse Reports for 104.207.48.130:

This IP address has been reported a total of 140 times from 21 distinct sources. 104.207.48.130 was first reported on June 12th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-06-04 04:11:50 (4 days ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇲🇽 octageeks.com	2026-06-03 04:08:15 (5 days ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇩🇪 FeG Deutschland	2026-05-31 21:45:25 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇩🇪 iNetWorker	2026-05-30 21:24:06 (1 week ago)	trolling for resource vulnerabilities	Web App Attack
Anonymous	2026-05-30 16:20:34 (1 week ago)	Web attack blocked by Wordfence on gedichtenlangsdegeul.nl (1 hit). Reported by CRMON.	Web App Attack
🇲🇽 octageeks.com	2026-05-29 04:15:49 (1 week ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 koinkash.org	2026-05-28 03:40:22 (1 week ago)	They are fraudulent. Malicious threat actor requesting php file /wp-login.php	Web App Attack
Anonymous	2026-05-28 00:52:07 (1 week ago)	wordpress authentication brute force	Brute-Force Web App Attack
🇫🇷 dynamix	2026-05-27 10:41:14 (1 week ago)	WordPress wp-login.php Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 07:30:22 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 02:30:16.574108 2026] [security2:error] [pid 8081:tid 8081] [client 104.207.48.130:25967] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "indoorsfinishing.com"] [uri "/wp-config.php__"] [unique_id "aWs6iKY81MtkDdIj9oFwiAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-01-13 11:55:40 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:20 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-11-25 19:55:02 (6 months ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:48:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:48:43.034252 2025] [security2:error] [pid 6821:tid 6821] [client 104.207.48.130:53433] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.haerringer.com"] [uri "/.env"] [unique_id "aSUZC5YcLRpFMxMDMtzu8QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Smel	2025-11-25 02:22:01 (6 months ago)	HTTP/80/443/8080 Unauthorized Probe, Hack -	Hacking Web App Attack

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.149.224

🇺🇸 172.66.45.17

🇩🇪 217.248.73.66

🇿🇦 196.192.89.5

🇲🇽 187.235.33.33

🇩🇪 167.233.25.83

🇩🇪 144.31.117.175

🇵🇭 126.209.74.189

🇧🇬 91.191.209.118

🇺🇸 72.191.28.44

🇳🇱 45.148.10.147

🇺🇸 34.138.16.49

🇦🇱 130.49.189.41

🇻🇳 123.21.100.192

🇵🇰 111.92.138.115

🇮🇶 65.20.184.80

🇬🇧 45.82.76.136

🇧🇪 34.76.72.244

🇺🇸 23.234.108.64

🇨🇦 15.235.98.99